Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/0QvCIwpxR3bpNP5RGisGcKh9tl4.roa
File: 0QvCIwpxR3bpNP5RGisGcKh9tl4.roa (raw, json)
Hash identifier: o05fpl+QvO05aQyn7co8mtDbeJw4OqMmO6xVcG1jfvs=
Subject key identifier: D1:0B:C2:23:0A:71:47:76:E9:34:FE:51:1A:2B:06:70:A8:7D:B6:5E
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 01942747C74C376825BE16F39B540CB41EF0
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/0QvCIwpxR3bpNP5RGisGcKh9tl4.roa
Signing time: Thu 02 Jan 2025 13:50:02 +0000
ROA not before: Thu 02 Jan 2025 13:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 2a05:b0c6:3001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c7:4c:37:68:25:be:16:f3:9b:54:0c:b4:1e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 13:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d10bc2230a714776e934fe511a2b0670a87db65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:08:f3:5f:f6:4e:e3:ed:00:3f:40:04:de:2a:
b7:02:31:3e:8c:15:ca:f7:79:d9:a3:09:e4:ed:c5:
88:bb:7b:30:ad:3e:de:15:3a:e6:fe:0b:de:eb:60:
ff:20:0a:ce:a4:8c:79:0e:b8:6a:d6:76:7a:67:3c:
b8:60:3a:0f:3a:d2:fb:4a:19:a8:87:5b:82:c8:ae:
e7:b4:20:92:9a:c2:bb:88:79:df:79:da:a8:e2:ee:
0b:39:5a:70:d0:0a:8f:bf:0e:f6:e9:fd:88:ea:a2:
9f:96:b7:72:b1:66:3e:b1:f5:9a:53:1b:0f:8b:e7:
9c:39:87:f4:da:6e:08:9a:6a:d3:d4:d4:20:0d:fc:
9b:9b:be:d9:02:56:82:2c:4d:a8:91:e8:30:7d:93:
1f:1d:f6:56:75:20:9a:94:0e:a6:73:c7:dd:73:08:
d2:fd:4a:22:c8:39:94:4c:c0:94:59:d0:ca:bd:66:
af:4b:bf:a1:e8:e7:70:52:fb:f8:c3:9a:df:da:07:
2b:04:87:28:f7:49:9d:3f:d6:f8:83:5c:24:bc:7f:
12:3b:af:f6:88:52:de:35:0c:47:09:cb:95:94:f5:
54:99:9d:cb:73:72:4d:40:22:06:2a:4a:35:e2:f9:
dd:2a:c4:55:17:96:cf:58:bc:0e:ce:d0:49:b6:86:
f0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:0B:C2:23:0A:71:47:76:E9:34:FE:51:1A:2B:06:70:A8:7D:B6:5E
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/0QvCIwpxR3bpNP5RGisGcKh9tl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:3001::/48
Signature Algorithm: sha256WithRSAEncryption
79:45:00:3a:e4:fc:da:b8:e0:89:43:dc:fc:ac:e4:b5:35:48:
9a:15:4d:08:dc:d5:b8:34:94:29:19:43:c9:40:ce:6b:ff:5f:
f7:ad:d1:99:ef:01:5e:30:da:df:0a:91:10:20:d4:9c:e1:2b:
d6:09:57:bf:fa:e8:58:a5:8b:aa:da:63:27:00:3f:cf:9a:ad:
62:9f:33:27:02:36:8d:1f:4c:57:ff:dd:94:fa:bb:44:a8:ac:
d2:e3:ed:03:ce:aa:b6:67:6a:85:5e:bb:2a:f8:47:71:bd:30:
c4:d2:94:0a:1e:f2:5d:4e:88:52:bc:53:d8:1b:05:16:06:58:
ce:7a:fd:71:26:49:52:9b:df:1c:88:d9:cf:34:37:d6:ca:e6:
30:32:ea:a1:31:d3:e1:86:9f:19:a5:0d:c2:56:ff:04:35:ed:
17:b4:89:df:cc:c6:91:91:28:69:7d:8c:1a:2e:dd:a2:37:3d:
84:54:22:5b:f6:5f:72:e4:03:fe:09:0a:e0:b3:08:fd:25:f9:
1f:91:5f:7d:5d:07:ed:4a:24:5b:24:53:30:50:c9:61:fa:2e:
c6:97:67:dc:5a:5e:15:5d:20:99:b7:38:52:b0:c3:54:0f:b8:
ee:36:1c:2e:3f:8b:e9:90:7c:43:a8:05:6d:ee:88:02:59:3f:
a4:e7:ce:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR8dMN2glvhbzm1QMtB7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjUwMTAyMTM1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBiYzIyMzBhNzE0Nzc2ZTkzNGZlNTExYTJiMDY3MGE4N2RiNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAjzX/ZO4+0AP0AE3iq3AjE+jBXK
93nZownk7cWIu3swrT7eFTrm/gve62D/IArOpIx5Drhq1nZ6Zzy4YDoPOtL7Shmo
h1uCyK7ntCCSmsK7iHnfedqo4u4LOVpw0AqPvw726f2I6qKflrdysWY+sfWaUxsP
i+ecOYf02m4ImmrT1NQgDfybm77ZAlaCLE2okegwfZMfHfZWdSCalA6mc8fdcwjS
/UoiyDmUTMCUWdDKvWavS7+h6OdwUvv4w5rf2gcrBIco90mdP9b4g1wkvH8SO6/2
iFLeNQxHCcuVlPVUmZ3Lc3JNQCIGKko14vndKsRVF5bPWLwOztBJtobwGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNELwiMKcUd26TT+URorBnCofbZeMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvMFF2Q0l3cHhSM2JwTlA1Ukdpc0djS2g5dGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWwxjAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB5RQA65PzauOCJQ9z8rOS1NUiaFU0I3NW4NJQp
GUPJQM5r/1/3rdGZ7wFeMNrfCpEQINSc4SvWCVe/+uhYpYuq2mMnAD/Pmq1inzMn
AjaNH0xX/92U+rtEqKzS4+0Dzqq2Z2qFXrsq+EdxvTDE0pQKHvJdTohSvFPYGwUW
BljOev1xJklSm98ciNnPNDfWyuYwMuqhMdPhhp8ZpQ3CVv8ENe0XtInfzMaRkShp
fYwaLt2iNz2EVCJb9l9y5AP+CQrgswj9JfkfkV99XQftSiRbJFMwUMlh+i7Gl2fc
Wl4VXSCZtzhSsMNUD7juNhwuP4vpkHxDqAVt7ogCWT+k585w
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:19:17 2025 by rpki-client